[libvirt] network domain name patch

Hi all, This is a followup to the excellent patch which allows static IP address assignment. The problem with that patch is that you can only set the host name and cannot set a FQDN because dnsmasq will, as a security measure, not allow it unless --domain is specified. This patch adds support for adding <domain name="my.domain" /> to the network config file. With that stanza, one can then use FQDNs on the static host assignments, and this should be the domain reported for any clients that request it. If <domain name .. ./> is not specified in the config file, then there is no change in behaviour. As a special case, you can also set the domain name to "#", whereupon dnsmasq interprets that to use the domain of the host OS. Example default.xml: <network> <name>default</name> <uuid>0098abb7-ff94-4df9-aa78-e4c3fe636a3d</uuid> <bridge name="virbr0" /> <domain name="mynet.net" /> <forward/> <ip address="192.168.122.1" netmask="255.255.255.0"> <dhcp> <host name="vm1.mynet.net" mac="00:16:3e:24:a5:84" ip="192.168.122.101" /> <host name='vm2.mynet.net' mac="00:16:3e:1f:9a:95" ip="192.168.122.102" /> <range start="192.168.122.2" end="192.168.122.99" /> </dhcp> </ip> </network> Here is the patch: diff -r -U 3 libvirt-0.4.4/src/network_conf.c libvirt-0.4.4jjr/src/network_conf.c --- libvirt-0.4.4/src/network_conf.c 2008-08-20 09:20:01.000000000 -0400 +++ libvirt-0.4.4jjr/src/network_conf.c 2008-09-06 14:03:56.000000000 -0400 @@ -326,6 +326,9 @@ VIR_FREE(tmp); } + /* Parse network domain information */ + def->domain = virXPathString(conn, "string(./domain[1]/@name)", ctxt); + /* Parse bridge information */ def->bridge = virXPathString(conn, "string(./bridge[1]/@name)", ctxt); tmp = virXPathString(conn, "string(./bridge[1]/@stp)", ctxt); diff -r -U 3 libvirt-0.4.4/src/network_conf.h libvirt-0.4.4jjr/src/network_conf.h --- libvirt-0.4.4/src/network_conf.h 2008-08-20 09:20:01.000000000 -0400 +++ libvirt-0.4.4jjr/src/network_conf.h 2008-09-06 14:03:56.000000000 -0400 
@@ -57,6 +57,7 @@ char *name; char *bridge; /* Name of bridge device */ + char *domain; unsigned long delay; /* Bridge forward delay (ms) */ int stp : 1; /* Spanning tree protocol */ diff -r -U 3 libvirt-0.4.4/src/qemu_driver.c libvirt-0.4.4jjr/src/qemu_driver.c --- libvirt-0.4.4/src/qemu_driver.c 2008-08-29 03:20:02.000000000 -0400 +++ libvirt-0.4.4jjr/src/qemu_driver.c 2008-09-06 14:15:28.000000000 -0400 @@ -1105,6 +1105,7 @@ 1 + /* --keep-in-foreground */ 1 + /* --strict-order */ 1 + /* --bind-interfaces */ + (network->def->domain?2:0) + /* --domain name */ 2 + /* --pid-file "" */ 2 + /* --conf-file "" */ /*2 + *//* --interface virbr0 */ @@ -1136,6 +1137,11 @@ APPEND_ARG(*argv, i++, "--strict-order"); APPEND_ARG(*argv, i++, "--bind-interfaces"); + if (network->def->domain) { + APPEND_ARG(*argv, i++, "--domain"); + APPEND_ARG(*argv, i++, network->def->domain); + } + APPEND_ARG(*argv, i++, "--pid-file"); APPEND_ARG(*argv, i++, ""); Thanks! -JJ Reynolds
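Review bot: In the network_conf.c hunk, `def->domain` takes ownership of a string allocated by `virXPathString`, but no hunk in this patch adds a matching `VIR_FREE(def->domain)` where the rest of the definition is released, so the string leaks whenever a network definition is freed. The patch also only covers the parse side: no hunk writes `<domain name="..."/>` back out when the definition is formatted to XML. Since the value ends up as a dnsmasq argument, reject anything that is not a syntactically valid DNS name or the documented "#" here, at parse time.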
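Review bot: The new `char *domain;` member in network_conf.h has no comment, unlike `bridge`, `delay` and `stp` right next to it. Add one in the same style, for example `/* Domain name for dnsmasq --domain, may be NULL */`, so the NULL-means-unset convention the qemu_driver.c hunks rely on is written down.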
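Review bot: In qemu_driver.c the count `(network->def->domain?2:0)` and the later `if (network->def->domain)` block test only for a non-NULL pointer. If the parser can return an empty string for `<domain name=""/>`, dnsmasq is started with `--domain` followed by an empty argument. Either normalise an empty name to NULL when parsing or also check `network->def->domain[0]` in both places, and keep the two conditions identical so the argv size and the number of appended arguments cannot drift apart.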

On Sat, Sep 06, 2008 at 03:14:45PM -0400, JJ Reynolds wrote:
Hi all,
This is a followup to the excellent patch which allows static IP address assignment. The problem with that patch is that you can only set the host name and cannot set a FQDN because dnsmasq will, as a security measure, not allow it unless --domain is specified.
This patch adds support for adding <domain name="my.domain" /> to the network config file. With that stanza, one can then use FQDNs on the static host assignments, and this should be the domain reported for any clients that request it. If <domain name .. ./> is not specified in the config file, then there is no change in behaviour.
As a special case, you can also set the domain name to "#", whereupon dnsmasq interprets that to use the domain of the host OS.
Sounds fine to me, and the patch looks clean and simple, I'm fine with this, someone else with more networking insight can back this up too ?

thanks,

Daniel

--
Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
daniel@veillard.com | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library http://libvirt.org/

[ Hum, I don't know why it seems my first mail didn't make it to the list, so reposting !]

On Sun, Sep 07, 2008 at 06:37:16PM +0200, Daniel Veillard wrote:
On Sat, Sep 06, 2008 at 03:14:45PM -0400, JJ Reynolds wrote:
Hi all,
This is a followup to the excellent patch which allows static IP address assignment. The problem with that patch is that you can only set the host name and cannot set a FQDN because dnsmasq will, as a security measure, not allow it unless --domain is specified.
This patch adds support for adding <domain name="my.domain" /> to the network config file. With that stanza, one can then use FQDNs on the static host assignments, and this should be the domain reported for any clients that request it. If <domain name .. ./> is not specified in the config file, then there is no change in behaviour.
As a special case, you can also set the domain name to "#", whereupon dnsmasq interprets that to use the domain of the host OS.
Sounds fine to me, and the patch looks clean and simple, I'm fine with this, someone else with more networking insight can back this up too ?
thanks

Daniel

--
Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
daniel@veillard.com | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library http://libvirt.org/

On Sat, Sep 06, 2008 at 03:14:45PM -0400, JJ Reynolds wrote:
Hi all,
This is a followup to the excellent patch which allows static IP address assignment. The problem with that patch is that you can only set the host name and cannot set a FQDN because dnsmasq will, as a security measure, not allow it unless --domain is specified.
This patch adds support for adding <domain name="my.domain" /> to the network config file. With that stanza, one can then use FQDNs on the static host assignments, and this should be the domain reported for any clients that request it. If <domain name .. ./> is not specified in the config file, then there is no change in behaviour.
As a special case, you can also set the domain name to "#", whereupon dnsmasq interprets that to use the domain of the host OS.
Dan pointed out a leak since the net->domain structure was not freed, I applied the patch in time for 0.4.5 with that fix added. We still need to add documentation for the feature, would you mind making a patch for formatnetwork.html.in describing the new element and attribute and adding maybe an example ?

thanks !

Daniel

--
Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
daniel@veillard.com | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library http://libvirt.org/

On Sat, Sep 06, 2008 at 03:14:45PM -0400, JJ Reynolds wrote:
This is a followup to the excellent patch which allows static IP address assignment. The problem with that patch is that you can only set the host name and cannot set a FQDN because dnsmasq will, as a security measure, not allow it unless --domain is specified.
I didn't know that anyone was using that patch (and surely it doesn't apply cleanly to recent libvirt versions). If this is being actively used then it should be part of libvirt ...

Rich.

--
Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones
virt-df lists disk usage of guests without needing to install any software inside the virtual machine. Supports Linux and Windows.
http://et.redhat.com/~rjones/virt-df/

Actually, it is part of libvirt. Whoever did it (sorry, I don't know who did it so cannot give them the credit they deserve) definitely did the hard part and made it work. I just added the ability to have your virtuals have a FQDN.

I will work on updating the documentation if that has not already been done.

Sorry about missing the memory leak.

Thanks!
-JJ

----- Original Message -----
From: "Richard W.M. Jones" <rjones@redhat.com>
To: "JJ Reynolds" <jjr@reynoldsus.net>
Cc: <libvir-list@redhat.com>
Sent: Friday, September 12, 2008 4:20 AM
Subject: Re: [libvirt] network domain name patch
On Sat, Sep 06, 2008 at 03:14:45PM -0400, JJ Reynolds wrote:
This is a followup to the excellent patch which allows static IP address assignment. The problem with that patch is that you can only set the host name and cannot set a FQDN because dnsmasq will, as a security measure, not allow it unless --domain is specified.
I didn't know that anyone was using that patch (and surely it doesn't apply cleanly to recent libvirt versions). If this is being actively used then it should be part of libvirt ...
Rich.
-- Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones virt-df lists disk usage of guests without needing to install any software inside the virtual machine. Supports Linux and Windows. http://et.redhat.com/~rjones/virt-df/

As requsted, here is a patch for the network documentation. I don't know how to generate the html file from the in file but the guts are here and it seems right to me... Thanks! -JJ --- formatnetwork.html.in_orig 2008-09-12 23:21:18.000000000 -0400 +++ formatnetwork.html.in 2008-09-12 23:59:51.000000000 -0400 @@ -96,14 +96,26 @@ <pre> ... + <domain name="mynet.net" /> <ip address="192.168.122.1" netmask="255.255.255.0"> <dhcp> - <range start="192.168.122.2" end="192.168.122.254" /> + <host name="myhost1" mac="01:23:45:67:89:AB" ip="192.168.122.2" /> + <range start="192.168.122.3" end="192.168.122.254" /> </dhcp> </ip> </network></pre> <dl> + <dt><code>domain</code></dt> + <dd>The <code>domain</code> element is optional. If specified, then + the <code>name</code> attribute defines the default domain that will + be reported to hosts that request their domain via DHCP. It also + makes it possible to specify a fully qualified domain + name (host.domain.com) for static IP address assignments. If a "#" + is specified as the domain, then the domain of the host will be used. + If not specified, then the guest hosts will have no domain. + <span class="since">Since 0.4.5</span> + </dd> <dt><code>ip</code></dt> <dd>The <code>address</code> attribute defines an IPv4 address in dotted-decimal format, that will be configured on the bridge @@ -116,7 +128,7 @@ <dd>Immediately within the <code>ip</code> element there is an optional <code>dhcp</code> element. The presence of this element enables DHCP services on the virtual network. It will further - contain one or more <code>range</code> elements. + contain one or more <code>range</code> or <code>host</code> elements. <span class="since">Since 0.3.0</span> </dd> <dt><code>range</code></dt> 
@@ -126,6 +138,15 @@ must lie within the scope of the network defined on the parent <code>ip</code> element. <span class="since">Since 0.3.0</span> </dd> + <dt><code>host</code></dt> + <dd>The <code>ip</code> attribute specifies the IPv4 addess that will + be assigned, via DHCP, to the guest OS using a virtual network interface with a + mac address matching the <code>mac</code> attribute. The optional + <code>name</code> attribute will further assign the guest hostname. + If a domain is specified in the name attribute to create a FQDN, then + the <code>domain name</code> must also be specified, and they must match. + <span class="since">Since 0.4.5</span> + </dd> </dl> <h2><a name="examples">Example configuration</a></h2> @@ -154,6 +175,27 @@ </ip> </network></pre> + <h3><a name="examplesNAT">Static IP based network</a></h3> + + <p> + This example demonstrates how to assign static IPv4 addresses to + guest OSs. + </p> + + <pre> + <network> + <name>default</name> + <bridge name="virbr0" /> + <forward mode="nat"/> + <domain name="mydomain.net"/> + <ip address="192.168.122.1" netmask="255.255.255.0"> + <dhcp> + <range start="192.168.122.10" end="192.168.122.254" /> + <host mac="01:23:45:67:89:ab" ip="192.168.122.2" name="myhost1.mydomain.net" /> + <host mac="01:23:45:67:89:ac" ip="192.168.122.3" name="myhost2.mydomain.net" /> + </dhcp> + </ip> + </network></pre> <h3><a name="examplesRoute">Routed network config</a></h3> <p>
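Review bot: The `<host ... mac="01:23:45:67:89:AB" .../>` line added to the snippet in the first hunk (@@ -96,14) uses a MAC address whose first octet is odd, which marks it as a multicast address, so it cannot be the address of a guest interface. Use a unicast example such as the `00:16:3e:...` addresses from the original patch mail; the same applies to the two `host` lines in the new example section in the last hunk.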
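Review bot: In the new `host` description (@@ -126,6), "IPv4 addess" is a typo for "address", and `<code>domain name</code>` reads as a single identifier that does not exist in the schema. Write it as the `name` attribute of the `domain` element, and say explicitly what "they must match" means: the part of the host `name` after the first label has to equal that domain.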

Retrying- I do not think that the last one pasted correctly. --- formatnetwork.html.in_orig 2008-09-12 23:21:18.000000000 -0400 +++ formatnetwork.html.in 2008-09-12 23:59:51.000000000 -0400 @@ -96,14 +96,26 @@ <pre> ... + <domain name="mynet.net" /> <ip address="192.168.122.1" netmask="255.255.255.0"> <dhcp> - <range start="192.168.122.2" end="192.168.122.254" /> + <host name="myhost1" mac="01:23:45:67:89:AB" ip="192.168.122.2" /> + <range start="192.168.122.3" end="192.168.122.254" /> </dhcp> </ip> </network></pre> <dl> + <dt><code>domain</code></dt> + <dd>The <code>domain</code> element is optional. If specified, then + the <code>name</code> attribute defines the default domain that will + be reported to hosts that request their domain via DHCP. It also + makes it possible to specify a fully qualified domain + name (host.domain.com) for static IP address assignments. If a "#" + is specified as the domain, then the domain of the host will be used. + If not specified, then the guest hosts will have no domain. + <span class="since">Since 0.4.5</span> + </dd> <dt><code>ip</code></dt> <dd>The <code>address</code> attribute defines an IPv4 address in dotted-decimal format, that will be configured on the bridge @@ -116,7 +128,7 @@ <dd>Immediately within the <code>ip</code> element there is an optional <code>dhcp</code> element. The presence of this element enables DHCP services on the virtual network. It will further - contain one or more <code>range</code> elements. + contain one or more <code>range</code> or <code>host</code> elements. <span class="since">Since 0.3.0</span> </dd> <dt><code>range</code></dt> 
@@ -126,6 +138,15 @@ must lie within the scope of the network defined on the parent <code>ip</code> element. <span class="since">Since 0.3.0</span> </dd> + <dt><code>host</code></dt> + <dd>The <code>ip</code> attribute specifies the IPv4 addess that will + be assigned, via DHCP, to the guest OS using a virtual network interface with a + mac address matching the <code>mac</code> attribute. The optional + <code>name</code> attribute will further assign the guest hostname. + If a domain is specified in the name attribute to create a FQDN, then + the <code>domain name</code> must also be specified, and they must match. + <span class="since">Since 0.4.5</span> + </dd> </dl> <h2><a name="examples">Example configuration</a></h2> @@ -154,6 +175,27 @@ </ip> </network></pre> + <h3><a name="examplesNAT">Static IP based network</a></h3> + + <p> + This example demonstrates how to assign static IPv4 addresses to + guest OSs. + </p> + + <pre> + <network> + <name>default</name> + <bridge name="virbr0" /> + <forward mode="nat"/> + <domain name="mydomain.net"/> + <ip address="192.168.122.1" netmask="255.255.255.0"> + <dhcp> + <range start="192.168.122.10" end="192.168.122.254" /> + <host mac="01:23:45:67:89:ab" ip="192.168.122.2" name="myhost1.mydomain.net" /> + <host mac="01:23:45:67:89:ac" ip="192.168.122.3" name="myhost2.mydomain.net" /> + </dhcp> + </ip> + </network></pre> <h3><a name="examplesRoute">Routed network config</a></h3> <p> ----- Original Message ----- From: "JJ Reynolds" <jjr@reynoldsus.net> To: <libvir-list@redhat.com> Sent: Friday, September 12, 2008 10:45 PM Subject: Re: [libvirt] network domain name patch
Actually, it is part of libvirt. Whoever did it (sorry, I don't know who did it so cannot give them the credit they deserve) definitely did the hard part and made it work. I just added the ability to have your virtuals have a FQDN.
I will work on updating the documentation if that has not already been done.
Sorry about missing the memory leak.
Thanks!
-JJ
----- Original Message ----- From: "Richard W.M. Jones" <rjones@redhat.com> To: "JJ Reynolds" <jjr@reynoldsus.net> Cc: <libvir-list@redhat.com> Sent: Friday, September 12, 2008 4:20 AM Subject: Re: [libvirt] network domain name patch
On Sat, Sep 06, 2008 at 03:14:45PM -0400, JJ Reynolds wrote:
This is a followup to the excellent patch which allows static IP address assignment. The problem with that patch is that you can only set the host name and cannot set a FQDN because dnsmasq will, as a security measure, not allow it unless --domain is specified.
I didn't know that anyone was using that patch (and surely it doesn't apply cleanly to recent libvirt versions). If this is being actively used then it should be part of libvirt ...
Rich.
-- Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones virt-df lists disk usage of guests without needing to install any software inside the virtual machine. Supports Linux and Windows. http://et.redhat.com/~rjones/virt-df/
-- Libvir-list mailing list Libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list

Retry #2. --- formatnetwork.html.in_orig 2008-09-12 23:21:18.000000000 -0400 +++ formatnetwork.html.in 2008-09-12 23:59:51.000000000 -0400 @@ -96,14 +96,26 @@ <pre> ... + <domain name="mynet.net" /> <ip address="192.168.122.1" netmask="255.255.255.0"> <dhcp> - <range start="192.168.122.2" end="192.168.122.254" /> + <host name="myhost1" mac="01:23:45:67:89:AB" ip="192.168.122.2" /> + <range start="192.168.122.3" end="192.168.122.254" /> </dhcp> </ip> </network></pre> <dl> + <dt><code>domain</code></dt> + <dd>The <code>domain</code> element is optional. If specified, then + the <code>name</code> attribute defines the default domain that will + be reported to hosts that request their domain via DHCP. It also + makes it possible to specify a fully qualified domain + name (host.domain.com) for static IP address assignments. If a "#" + is specified as the domain, then the domain of the host will be used. + If not specified, then the guest hosts will have no domain. + <span class="since">Since 0.4.5</span> + </dd> <dt><code>ip</code></dt> <dd>The <code>address</code> attribute defines an IPv4 address in dotted-decimal format, that will be configured on the bridge @@ -116,7 +128,7 @@ <dd>Immediately within the <code>ip</code> element there is an optional <code>dhcp</code> element. The presence of this element enables DHCP services on the virtual network. It will further - contain one or more <code>range</code> elements. + contain one or more <code>range</code> or <code>host</code> elements. <span class="since">Since 0.3.0</span> </dd> <dt><code>range</code></dt> 
@@ -126,6 +138,15 @@ must lie within the scope of the network defined on the parent <code>ip</code> element. <span class="since">Since 0.3.0</span> </dd> + <dt><code>host</code></dt> + <dd>The <code>ip</code> attribute specifies the IPv4 addess that will + be assigned, via DHCP, to the guest OS using a virtual network interface with a + mac address matching the <code>mac</code> attribute. The optional + <code>name</code> attribute will further assign the guest hostname. + If a domain is specified in the name attribute to create a FQDN, then + the <code>domain name</code> must also be specified, and they must match. + <span class="since">Since 0.4.5</span> + </dd> </dl> <h2><a name="examples">Example configuration</a></h2> @@ -154,6 +175,27 @@ </ip> </network></pre> + <h3><a name="examplesNAT">Static IP based network</a></h3> + + <p> + This example demonstrates how to assign static IPv4 addresses to + guest OSs. + </p> + + <pre> + <network> + <name>default</name> + <bridge name="virbr0" /> + <forward mode="nat"/> + <domain name="mydomain.net"/> + <ip address="192.168.122.1" netmask="255.255.255.0"> + <dhcp> + <range start="192.168.122.10" end="192.168.122.254" /> + <host mac="01:23:45:67:89:ab" ip="192.168.122.2" name="myhost1.mydomain.net" /> + <host mac="01:23:45:67:89:ac" ip="192.168.122.3" name="myhost2.mydomain.net" /> + </dhcp> + </ip> + </network></pre> <h3><a name="examplesRoute">Routed network config</a></h3> <p>
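Review bot: The new "Static IP based network" heading in the last hunk (@@ -154,6) is given the anchor `name="examplesNAT"`, which does not describe the section; judging by the `examplesRoute` anchor on the section that follows, `examplesNAT` belongs to a NAT example, and a second anchor with the same name would make links to it ambiguous. Give the new section its own anchor, for instance `examplesStatic`.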

OK.. I can't figure it out.. mail is messing with line breaks and whatnot. Have a better method? Thanks! -JJ

On Sat, Sep 13, 2008 at 12:22:01AM -0400, JJ Reynolds wrote:
OK.. I can't figure it out.. mail is messing with line breaks and whatnot. Have a better method?
Can you not just attach it?

Rich.

--
Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones
virt-top is 'top' for virtual machines. Tiny program with many powerful monitoring features, net stats, disk stats, logging, etc.
http://et.redhat.com/~rjones/virt-top

What a novel idea... trying that :)

----- Original Message -----
From: "Richard W.M. Jones" <rjones@redhat.com>
To: "JJ Reynolds" <jjr@reynoldsus.net>
Cc: <libvir-list@redhat.com>
Sent: Monday, September 15, 2008 7:36 AM
Subject: Re: [libvirt] network domain name patch
On Sat, Sep 13, 2008 at 12:22:01AM -0400, JJ Reynolds wrote:
OK.. I can't figure it out.. mail is messing with line breaks and whatnot. Have a better method?
Can you not just attach it?
Rich.
-- Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones virt-top is 'top' for virtual machines. Tiny program with many powerful monitoring features, net stats, disk stats, logging, etc. http://et.redhat.com/~rjones/virt-top
participants (3): Daniel Veillard, JJ Reynolds, Richard W.M. Jones